ANOTHER Huawei partner accused of slipping US tech to Iran

HP tech 'priced and specced' in embargo breach - report


Documents offering to supply embargoed technology to Iran have been unearthed by Reuters, showing Huawei partner Skycom Tech Co Ltd bidding to provide HP servers to an Iranian mobile network - in breach of sanctions.

The bid, seen by Reuters, was submitted in 2010 by Skycom to Mobile Telecommunication Co of Iran (MCI) and comprises €20m worth of comms gear - including €1.3m of HP kit which cannot be imported into Iran because of US sanctions. Skycom is a partner of Huawei, and the bid apparently includes 13 pages marked "Huawei Confidential", prompting the accusation that Huawei is directly involved.

The Chinese company happily admits that Skycom is an Iranian partner, and that the bid was submitted by Skycom, but denies any wrongdoing itself though Reuters reckons the two companies are close enough for one to be held responsible for the actions of the other.

The last time a Huawei partner was accused of selling US tech to Iran, Huawei contacted El Reg to say that the company in question, Soda GoStar, was not a Huawei partner.

"On LinkedIn.com, several telecom workers list having worked at 'Huawei-skycom'," explains the Reuters coverage, continuing: "A former Skycom employee said the two companies shared the same headquarters in China. And an Iranian telecom manager who has visited Skycom's office in Tehran said, 'Everybody carries Huawei badges'."

What's not clear is if the bid was ultimately successful, or who provided the HP servers which MCI had been using to run its billing systems.

The US wants to restrict the flow of computing hardware into Iran to hinder the country's nuclear programme, but with international channels that are so convoluted, it's very hard to control access to such ubiquitous equipment. HP's terms and conditions specify that its buyers should conform to US export laws, but enforcing such restrictions is next to impossible. ®

Similar topics

Broader topics

Narrower topics


Other stories you might like

  • Israeli air raid sirens triggered in possible cyberattack
    Source remains unclear, plenty suspect Iran

    Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening – but bombs never fell, leading some to blame Iran for compromising the alarms. 

    While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed. Sirens also sounded in the Red Sea port town of Eilat. 

    Netizens on social media and Israeli news sites pointed the finger at Iran, though a diplomatic source interviewed by the Jerusalem Post said there was no certainty Tehran was behind the attack. The source also said Israel faces cyberattacks regularly, and downplayed the significance of the incident. 

    Continue reading
  • Microsoft seizes 41 domains tied to 'Iranian phishing ring'
    Windows giant gets court order to take over dot-coms and more

    Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. 

    The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs.

    "Bohrium actors create fake social media profiles, often posing as recruiters," said Amy Hogan-Burney, GM of Microsoft's Digital Crimes Unit. "Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target's computers with malware."

    Continue reading
  • US tweaks requirement for investors to dump Chinese tech stocks
    Stockholders can keep shares in Huawei, SMIC, and Inpsur - they're just not allowed to sell

    The United States last week quietly eased its ban on investors holding stock in, or otherwise profiting from, Chinese companies that are felt to have ties to China's military.

    The ban was first imposed by president Donald Trump with a 2020 executive order that forbade US-based individuals or entities owning shares in private Chinese companies identified as offering support to China's military, intelligence, and security agencies, by auditing their "development and modernization."

    President Biden later issued a similar order of his own.

    Continue reading
  • Iran, China-linked gangs join Putin's disinformation war online
    They're using the invasion 'to take aim at the usual adversaries,' Mandiant told The Reg

    Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives – according to threat-intel experts at Mandiant.

    Additionally, Iranian cyber-campaigns are using Russia's invasion of its neighbor to take aim at Saudi Arabia and Israel, the researchers found.

    In a new report published today, Mandiant's Alden Wahlstrom, Alice Revelli, Sam Riddell, David Mainor and Ryan Serabian analyze several information operations that the team has observed in its response to the conflict in Ukraine. It also attributes these campaigns to actors that the threat researchers say are operating in support of nation-states including Russia, Belarus, China and Iran.

    Continue reading
  • Iran-linked Cobalt Mirage extracts money, info from US orgs – report
    Khamenei, can you just not? Not right now, fam

    The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks' threat intelligence team.

    The cybercriminal gang has been around since June 2020, and its most recent activities have been put into two categories. One, using ransomware to extort money, as illustrated by a strike in January against a US philanthropic organization, according to Secureworks' Counter Threat Unit (CTU); and two, gathering intelligence, with a local government network in the United States targeted in March, CTU researchers detailed Thursday.

    "The January and March incidents typify the different styles of attacks conducted by Cobalt Mirage," they wrote. "While the threat actors appear to have had a reasonable level of success gaining initial access to a wide range of targets, their ability to capitalize on that access for financial gain or intelligence collection appears limited. At a minimum, Cobalt Mirage's ability to use publicly available encryption tools for ransomware operations and mass scan-and-exploit activity to compromise organizations creates an ongoing threat."

    Continue reading
  • Who is exploiting VMware right now? Probably Iran's Rocket Kitten, to name one
    We hope you've patched that 9.8/10 severity bug

    A team of Iranian cyber-spies dubbed Rocket Kitten, for one, is likely behind attempts to exploit a critical remote-code execution vulnerability in VMware's identity management software, according to endpoint security firm Morphisec.

    Earlier this month, VMware disclosed and fixed the security flaw, tracked as CVE-2022-22954, in its Workspace ONE Access and Identity Manager software. In terms of CVSS severity, the bug was rated 9.8 out of 10. We note the virtualization giant revised its advisory on the matter on April 13 to say miscreants had exploited the vulnerability in the wild.

    The bug involves server-side template injection, and can be abused by anyone with network access. Exploitation essentially clears the way for intruders to deploy ransomware, steal data, and perform any other dirty deeds.

    Continue reading
  • Review: Huawei's Matebook X Pro laptop is forgetful and forgettable
    Blows hot and cold, and gets right up your nose

    Desktop Tourism Rightly or wrongly, Huawei has acquired a reputation for being a risky proposition, security-wise. It almost beggars belief, then, that the Chinese goliath's flagship Matebook X Pro laptop contains a literal hidden webcam secreted under a fake function key on the top row of its keyboard.

    Touch the key and it clicks lightly, then springs up to reveal the camera.

    It's a terrible place for the camera because when the laptop is flat on a desk and close enough to type on, the view it affords would probably please an ear, nose, and throat surgeon conducting a remote examination. Needless to say, that angle is not going to show your best side during a Zoom or Teams session. And you can't change the angle without moving the entire laptop into odd positions or placing it too far away to type.

    Continue reading

Biting the hand that feeds IT © 1998–2022